8
Lessons Learned
• It’s all about relationships
  – Let people engage, cradle to grave
  – Multiple, overlapping, ever changing
• Embrace multiple authoritative sources
  – Authoritative for attributes, not people
• Account names should be ephemeral
  – Users should be free to select and change
  – Applications should record account ID, not name
• Dynamic rules, not static roles

10
What are Federations?
• Group of organizations sharing a set of agreed policies and rules for access to online resources
  – Enable members to establish trust and a shared understanding of language or terminology
  – Provide a structure / legal framework that enables authentication and authorization
• Enables people to use their home credentials to connect to remote sites
  – Without revealing their credentials (pseudonymity)
  – Without releasing unnecessary private information

19
What Comes Next?
• Move control from the institution to the individual
• Complex interactions with many institutions
• Greater control over identity data
  – User chooses which attributes (claims) to release, and where to get those claims
• User Centric Identity - “Identity 2.0”

“Of course I have a secret identity. I mean, do you see me at the supermarket wearing... this? Who wants to go shopping as Elastigirl, know what I'm saying?”

22
What is OpenID?
• Open source, distributed authentication system
• Simple and lightweight: identity is a URL
• Fully decentralized and open platform
• I want to log into example.com:
  1. I type my OpenID URL into the login form on example.com
  2. example.com redirects me (via my web-browser) to myopenid.com
  3. I tell myopenid.com whether or not I trust example.com with my identity
  4. I am redirected back to example.com and am automatically logged in
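The redirect in step 2 and the checks example.com should make on the response in step 4 before logging anyone in, as an added example that is not part of the original slides. It assumes OpenID 2.0 parameter names (the slide does not name a version) and uses constructed endpoint, user and return URLs; discovery of the provider endpoint and verification of the provider's signature are outside its scope.

```python
from urllib.parse import parse_qsl, urldefrag, urlencode, urlsplit

OPENID2_NS = "http://specs.openid.net/auth/2.0"
# Fields OpenID 2.0 requires the provider to cover with its signature.
MUST_BE_SIGNED = {"op_endpoint", "return_to", "response_nonce", "assoc_handle",
                  "claimed_id", "identity"}

def build_auth_redirect(op_endpoint, claimed_id, return_to, realm):
    """Step 2: the URL example.com redirects the browser to."""
    params = {
        "openid.ns": OPENID2_NS,
        "openid.mode": "checkid_setup",   # interactive: provider may ask the user
        "openid.claimed_id": claimed_id,
        "openid.identity": claimed_id,
        "openid.return_to": return_to,
        "openid.realm": realm,            # what the user is asked to trust
    }
    return op_endpoint + ("&" if urlsplit(op_endpoint).query else "?") + urlencode(params)

def check_assertion(query, return_to, op_endpoint, claimed_id, seen_nonces):
    """Step 4: relying-party checks made before signature verification."""
    p = dict(parse_qsl(query, keep_blank_values=True))
    if p.get("openid.mode") == "cancel":
        return False, "user declined"
    if p.get("openid.ns") != OPENID2_NS or p.get("openid.mode") != "id_res":
        return False, "not a positive OpenID 2.0 assertion"
    if p.get("openid.return_to") != return_to:
        return False, "return_to mismatch"
    if p.get("openid.op_endpoint") != op_endpoint:
        return False, "assertion from unexpected provider"
    if urldefrag(p.get("openid.claimed_id", "")).url != claimed_id:
        return False, "claimed_id mismatch"
    if not MUST_BE_SIGNED <= set(p.get("openid.signed", "").split(",")):
        return False, "required field not signed"
    nonce = p.get("openid.response_nonce", "")
    if not nonce or (op_endpoint, nonce) in seen_nonces:
        return False, "missing or replayed nonce"
    seen_nonces.add((op_endpoint, nonce))
    return True, "ok, pending signature verification"

# Constructed sample values (not from the slides).
OP = "https://myopenid.com/op-endpoint"
USER = "https://alice.myopenid.com/"
RETURN_TO = "https://example.com/openid/return"
SAMPLE_RESPONSE = urlencode({"openid." + k: v for k, v in {
    "ns": OPENID2_NS, "mode": "id_res", "op_endpoint": OP, "claimed_id": USER,
    "identity": USER, "return_to": RETURN_TO, "assoc_handle": "constructed",
    "response_nonce": "2024-01-01T00:00:00Zc0nstr", "sig": "constructed",
    "signed": ",".join(sorted(MUST_BE_SIGNED))}.items()})
```

A response that passes these checks is still untrusted until `openid.sig` has been verified against the association or directly with the provider.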